MALICIOUS TRAFFIC IDENTIFICATION METHOD AND RELATED APPARATUS

Bibliographic details
Main authors: ZHANG, Jia; DUAN, Haixin; ZHU, Annan; WAN, Rongfei
Format: Patent
Language: chi; eng; fre
Description
Summary: Provided are a malicious traffic identification method and a related apparatus. The malicious traffic identification method may comprise: determining a reception time of first alarm traffic; on the basis of a preset policy, acquiring a plurality of pieces of second alarm traffic, which correspond to the first alarm traffic, within a target time period, wherein the target time period is a time period determined on the basis of the reception time, and the similarity between each piece of second alarm traffic among the plurality of pieces of second alarm traffic and the first alarm traffic is greater than a preset threshold value; performing feature extraction on the plurality of pieces of second alarm traffic, so as to obtain first feature information; and on the basis of the first feature information, determining whether the first alarm traffic is malicious traffic. By implementing the embodiments of the present application, the accuracy of malicious traffic identification in an existing network can be improve